Security Incident & Twitter Account Compromise Notification

Dear Rho users,

We hereby announce an important matter to maintain transparency and communicate with you in a timely manner.

Here is the Story Line:

1. On the 21st at 5:41 PM, we noticed a suspicious login attempt on an Apple device using an email address. The login location was shown as Manhattan, indicating someone tried to access your Apple device using that email.
2. Just a minute later, we took immediate action by enabling two-step verification (2FA) on your Twitter account and sent you a confirmation email. This precautionary measure was taken to ensure the security of your account, preventing unauthorized access attempts.
3. At 55 minutes past the hour, we observed an attempt to add the handle @yegbee as a representative of our official account. We are deeply concerned about this and have taken immediate steps to protect the security of your account.
4. Our official account is linked to an email and the personal phone number of our founder, Peter. These binding details are crucial for protecting the security of the account.
5. On Twitter, we have implemented the option to log in using a mobile verification code to enhance the security of your account.
6. Unfortunately, we discovered that Peter’s mobile number’s eSIM card was hijacked and transferred to another device. This incident took place at an AT&T retail store in Atlanta, United States, and bypassed the identity verification process. This means that someone successfully hijacked Peter’s mobile number and can receive all verifications and communications related to that number.
7. Since then, we have been unable to access the official account as the hijacker possesses important login credentials and may have engaged in malicious activities.
8. Following the hijacking incident, the perpetrator started using our official Twitter account to post malicious fraudulent links at a frequency of 3–4 times per day. We sincerely apologize for any inconvenience and distress caused to you and our followers due to this unauthorized usage.

These malicious links aim to deceive, phish, or engage in other malicious activities, intending to defraud or harm our followers and users. We strongly urge you and our followers to remain vigilant and refrain from clicking on any suspicious links posted by our official Twitter account.

As the hijacker possesses important login credentials to our official Twitter account and timely restoration of access has not been possible, we have been unable to prevent the hijacker from continuing to misuse the account to disseminate malicious links. We are actively collaborating with the Twitter support team to regain control of our official Twitter account.

We will continue to maintain communication with the Twitter support team, requesting their assistance in recovering control of our official Twitter account. We appreciate your understanding and patience, and we are committed to resolving this issue as quickly as possible.

Additionally, we kindly request that you inform your followers and users, advising them not to click on any suspicious links posted by our official Twitter account. We recommend that they remain vigilant and take necessary precautions to ensure their personal information and account security.

To prevent similar incidents from occurring in the future, we will strengthen our account security measures, including password changes, enabling more robust authentication methods, and closely monitoring account activity.

We apologize for any inconvenience and distress caused by this incident and assure you that we are committed to resolving this issue as quickly as possible. Thank you for your understanding and support.

If you have any questions or require further assistance, we are here to support you.

Thank you.

Warm regards,

Rho Teams